Icahn Automotive Group LLC (Icahn Automotive) was formed by its parent, Icahn Enterprises L.P. (NASDAQ: IEP), to invest in and operate businesses involved in aftermarket parts distribution and service. Our businesses have a singular focus: provide premium automotive parts and services at a great value. The businesses of Icahn Automotive today consist of Pep Boys® automotive aftermarket retail and service chain, Auto Plus® automotive aftermarket parts distributor, Precision Tune Auto Care® owned and franchised automotive service centers, and AAMCO Total Auto Care franchised service centers. The businesses of Icahn Automotive total over 22,000 employees, over 2,000 company-owned and franchise locations and 25 distribution centers throughout the US, Canada, and Puerto Rico.
The IT Security team at Icahn Automotive plays a vital role in the delivery of e-Commerce, retail, and commercial services to our customers in the US, Canada, and Puerto Rico. Our team works to protect data and ensure availability of services for our customers, our employees, and the company. We are seeking an IT Security Engineer who can leverage their security experience to help drive the evolution of our security programs.
Duties & Responsibilities
- Increase security, compliance, and user experience through the adoption of IAM solutions
- Implement SSO solutions and integrate into overall landscape
- Onboard SSO applications
- Streamline and automate identity lifecycle and governance
- Manage GRC optimization and compliance activities for PCI, SOX and CCPA
- Define and maintain GRC policies and standards
- Lead internal and vendor assessments against established frameworks such as NIST
- Enhance secure software development and testing practices
- Provide guidelines, requirements, and education to development communities
- Leverage tools to increase security and assess compliance
- Coordinate with internal and external auditors, assessors, business and IT leaders
- Participate in network security operations, escalations, incident management, and investigations
- Assist CISO in development of overall security strategy.
Knowledge, Skills, and Abilities
- Bachelor degree in an Information Technology related field or equivalent work experience is required.
- 5+ years of experience in information security, IT controls and/or identity management is required.
- Professional certifications such as CISSP, CEH or CISM are a plus.
- Must have a security mindset.
- Experience implementing, managing, assessing, and reporting on controls such as SOX, PCI, GDPR, etc. is required.
- Experience conducting risk assessments of organizations, solutions, and vendors against industry frameworks is required.
- Familiarity with active directory, identity management, SAML, and user identity lifecycle is required.
- Ability to own and drive solutions from conception through completion.
- Knowledge of OWASP and secure application development and assessment practices.
- Strong analytical and problem-solving skills.
- Able to work independently and with other teams.
Physical Demands/Work Environment
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
The characteristics described here are representative of those an employee encounters while performing the essential functions of this job.
- Repetitive movement of hands and fingers, typing or writing.
- Occasional standing and walking.
- Talk and hear.
Sarbanes Oxley Act (Sox) Compliance
Open Web Application Security
Certified Information Systems Security Professional